[Bug 220095][PATCH] dpt_scsi: Fix a possible sleep-under-mutex bug in dpt_init

Jia-Ju Bai baijiaju1990 at 163.com
Sun Jun 18 09:46:09 UTC 2017


The driver may sleep under a mutex, and the function call path is:
dpt_init [acquire the mutex]
   dptallocsgmap
     bus_dmamap_load(BUS_DMA_WAITOK) --> may sleep

The possible fix of this bug is to set the last parameter in 
bus_dmamap_load to "BUS_DMA_NOWAIT".

This bug is found by a static analysis tool written by myself, and it is 
checked by my review of the FreeBSD code.

Signed-off-by: Jia-Ju Bai <baijiaju1990 at 163.com>
---
 sys/dev/dpt/dpt_scsi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/dev/dpt/dpt_scsi.c b/sys/dev/dpt/dpt_scsi.c
index 541b58665cf..f39ebfba2a7 100644
--- a/sys/dev/dpt/dpt_scsi.c
+++ b/sys/dev/dpt/dpt_scsi.c
@@ -300,7 +300,7 @@ dptallocsgmap(struct dpt_softc *dpt)
 
 	(void)bus_dmamap_load(dpt->sg_dmat, sg_map->sg_dmamap, sg_map->sg_vaddr,
 			      PAGE_SIZE, dptmapmem, &sg_map->sg_physaddr,
-			      /*flags*/0);
+			      /*flags*/BUS_DMA_NOWAIT);
 
 	SLIST_INSERT_HEAD(&dpt->sg_maps, sg_map, links);
 
-- 
2.13.0




More information about the freebsd-scsi mailing list